rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-35828 | Hig | 7.0 | < 5.14.21-150500.33.6.1 | 5.14.21-150500.33.6.1 | Jun 18, 2023 | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. | |
| CVE-2023-35827 | Hig | 7.0 | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Jun 18, 2023 | An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. | |
| CVE-2023-35823 | Hig | 7.0 | < 5.14.21-150500.33.6.1 | 5.14.21-150500.33.6.1 | Jun 18, 2023 | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c. | |
| CVE-2023-35788 | Hig | 7.8 | < 5.14.21-150500.33.6.1 | 5.14.21-150500.33.6.1 | Jun 16, 2023 | An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. | |
| CVE-2023-3268 | Hig | 7.1 | < 5.14.21-150500.33.14.1 | 5.14.21-150500.33.14.1 | Jun 16, 2023 | An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. | |
| CVE-2023-3161 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Jun 12, 2023 | A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. | |
| CVE-2023-3141 | Hig | 7.1 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Jun 9, 2023 | A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. | |
| CVE-2023-3111 | Hig | 7.8 | < 5.14.21-150500.33.6.1 | 5.14.21-150500.33.6.1 | Jun 5, 2023 | A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). | |
| CVE-2023-2985 | Med | 5.5 | < 5.14.21-150500.33.11.1 | 5.14.21-150500.33.11.1 | Jun 1, 2023 | A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. | |
| CVE-2023-3006 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 31, 2023 | A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer | |
| CVE-2023-2002 | Med | 6.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 26, 2023 | A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil | |
| CVE-2023-0459 | Med | 6.5 | < 5.14.21-150500.33.14.1 | 5.14.21-150500.33.14.1 | May 25, 2023 | Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commi | |
| CVE-2023-33288 | Med | 4.7 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 22, 2023 | An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. | |
| CVE-2023-1859 | Med | 4.7 | < 5.14.21-150500.33.20.1 | 5.14.21-150500.33.20.1 | May 17, 2023 | A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. | |
| CVE-2023-2124 | Hig | 7.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 15, 2023 | An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. | |
| CVE-2023-21106 | Hig | 7.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 15, 2023 | In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kern | |
| CVE-2023-21102 | Hig | 7.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 15, 2023 | In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr | |
| CVE-2023-28410 | Hig | 8.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 10, 2023 | Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |
| CVE-2023-2156 | Hig | 7.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 9, 2023 | A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create | |
| CVE-2023-2513 | Med | 6.7 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | May 8, 2023 | A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. |
- affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.
- affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.
- affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.
- affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
- affected < 5.14.21-150500.33.14.1fixed 5.14.21-150500.33.14.1
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
- affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().
- affected < 5.14.21-150500.33.11.1fixed 5.14.21-150500.33.11.1
A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
- affected < 5.14.21-150500.33.14.1fixed 5.14.21-150500.33.14.1
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commi
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.
- affected < 5.14.21-150500.33.20.1fixed 5.14.21-150500.33.20.1
A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kern
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
Page 118 of 122